Professional Documents
Culture Documents
Topic 9 - AF Chapter 5 Slides 1 of 3
Topic 9 - AF Chapter 5 Slides 1 of 3
Topic 9
Slides 1 of 3
Senior Lecturer
Head: UP Centre for Internal Auditing Excellence
Graduated with two Masters degrees (UP & UTD)
Visiting adjunct faculty at Louisiana State University (LSU) in
the USA
Past chairman of the Global Institute of Internal Auditors’ ARC
Apart from teaching in the USA, also taught at Nanjing Audit
University in China
Published 4 textbooks and various articles
Presented at numerous conferences in South Africa, Kenya,
Mexico and the United States.
Volunteer auditor for Habitat for Humanity in Uganda.
2
Topic 9 – Background to internal controls with a focus
on Information System and Communications; and
an introduction to a computerised environment
3
Sources:
• Auditing Fundamentals 2nd Edition – Chapter 5
• Graded Questions 3rd Edition: Chapter 5
4
Background
• Information systems and communication forms part of one
of the 5 components of internal control.
• Information systems forms a crucial part of an entity’s
business processes and is used in the recording and
processing of transactions and the subsequent reporting of
information.
• Automated/computerised accounting systems are mostly
used to initiate, record, process and report on transactions.
5
Introduction to a computerised
environment
(AF, Chapter 5: pages 139 – 152)
6
5.1 Introduction
Data vs Information
Communication = flow of data and information through networks
Difference between hardware and software (incl systems and application
software)
Transaction vs Master files
Processing (real-time vs batch processing)
Data structures = Character Field Record File Database
Slide 7
5.2 IT Evolvement
Slide 8
5.3 IT Governance
5.4 Impact of IT
New risks
Access
Less segregation of duties
Lack of physical processes and documents
Automatic transactions
Consistency in errors
UPSIDE: Removes ad hoc human error, speed and opportunities for better monitoring
Slide 9
5.5 Components
Hardware
Software
People
Procedures
Data
Slide 10
Slide 11
5.6 cont. : Processing
Slide 12
5.7 Classification of IT Controls
General controls
Controls over the complete computer information systems environment.
These are over-arching controls
Should be implemented for all computer environments, irrespective of their size
and complexity
In place irrespective of whether any transactions processed or not
Slide 13